Planned Giving

Get Involved

Locate the AABGU representative in your area and find out how you can plug in to your passions by supporting Ben-Gurion University of the Negev. You can also read about how BGU is impacting your local community.

News & Videos

Read about the many ways BGU is making a difference in the Negev, Israel and throughout the world. View videos that highlight the students, researchers and faculty who are turning David Ben-Gurion’s vision into a reality.

Research at BGU

Discover how BGU is advancing research in the sciences and the humanities. Bringing together the best and brightest Israeli and international researchers, BGU encourages collaboration and strives for excellence.

About

Learn about Ben-Gurion University of the Negev, Israel’s most innovative institution of higher learning and research, and how AABGU is helping fulfill David Ben-Gurion’s vision for Israel’s Negev region.

BGU’s Information Escape Artist

BGU’s Information Escape Artist

WIRED – The field of cyber security is obsessed with preventing and detecting breaches, finding every possible strategy to keep hackers from infiltrating your digital inner sanctum.

But, Dr. Mordechai Guri, head of research and development at BGU’s Cyber Security Research Center (CSRC), has spent the last four years fixated instead on exfiltration: How spies pull information out once they’ve gotten in.

Dr. Mordechai Guri

Specifically, he focuses on stealing secrets sensitive enough to be stored on an air-gapped computer, one that’s disconnected from all networks and sometimes even shielded from radio waves. Which makes Dr. Guri something like an information escape artist.

“Everyone was talking about breaking the air gap to get in, but no one was talking about getting the information out,” Dr. Guri says of his initial covert channel work, which he started in 2014 as a Ph.D. student in BGU’s Department of Information Systems Engineering.

“That opened the gate to all this research, to break the paradigm that there’s a hermetic seal around air-gapped networks.”

More, perhaps, than any single researcher outside of a three-letter agency, Dr. Guri has uniquely fixated his career on defeating air gaps by using so-called “covert channels,” stealthy methods of transmitting data in ways that most security models don’t account for.

Dr. Guri’s team of CSRC experts has invented one devious hack after another that takes advantage of the accidental and little-noticed emissions of a computer’s components — everything from light to sound to heat.

In newly published research, Dr. Guri’s CSRC team has even shown that they can pull data off a computer protected by not only an air gap, but also a Faraday cage designed to block all radio signals.

This new technique they call MAGNETO, is what Dr, Guri describes as the most dangerous yet of the dozen covert channels they’ve developed over the last four years. By carefully coordinating operations on a computer’s processor cores to create certain frequencies of electrical signals, their malware can electrically generate a pattern of magnetic forces powerful enough to carry a small stream of information to nearby devices.

﻿

The team went so far as to built an Android app they call ODINI, named for the escape artist Harry Houdini, to catch those signals using a phone’s magnetometer, the magnetic sensor that enables its compass and remains active even when the phone is in airplane mode.

Depending on how close that smartphone “bug” is to the target air-gapped computer, the team could exfiltrate stolen data at between one and 40 bits a second—even at the slowest rate, fast enough to steal a password in a minute, or a 4096-bit encryption key in a little over an hour.

Dr. Guri’s technique communicates with strong magnetic forces that can penetrate even Faraday barriers, like metal-lined walls, or a smartphone kept in a Faraday bag. “The simple solution to other techniques [designed to keep hackers out] was simply to put the computer in a Faraday cage and all the signals are jailed,” Dr. Guri says. “We’ve shown it doesn’t work like that.”